URL: http://jeux2016.com/document/
Submission: On July 09 via api from CA

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 162.251.238.99, located in Las Vegas, United States and belongs to FIBERHUB - VegasNAP, LLC, US. The main domain is jeux2016.com.
This is the only time jeux2016.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online), Adobe (Consumer)

Domain & IP information

Requests  IP Address       AS (Autonomous System)
7         162.251.238.99   53340 (FIBERHUB)
1         92.123.94.15     20940 (AKAMAI-ASN1)
1         66.235.148.129   15224 (OMNITURE)
Total: 9 requests, 4 IPs
Requests  Apex Domain    Subdomains         Transfer
7         jeux2016.com   jeux2016.com       113 KB
1         adobe.com      stats.adobe.com    43 B
1         typekit.net    use.typekit.net    7 KB
Total: 9 requests, 3 apex domains
Requests  Domain            Requested by
7         jeux2016.com      jeux2016.com
1         stats.adobe.com   jeux2016.com
1         use.typekit.net   jeux2016.com
Total: 9 requests, 3 domains

This site contains no links.

Subject       Issuer                                   Validity                   Valid
typekit.net   Symantec Class 3 Secure Server CA - G4   2017-03-20 - 2018-06-19    a year (crt.sh)

This page contains 1 frames:

Primary Page: http://jeux2016.com/document/
Frame ID: 4739.1
Requests: 10 HTTP requests in this frame


Page Statistics

Requests: 9
HTTPS: 11 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 120 kB
Size: 309 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request 6
  • http://stats.adobe.com/b/ss/adbims,adbadobenonacdcprod/1/JS-1.2.3/s98148925503440?AQB=1&ndh=1&t=9%2F6%2F2017%205%3A20%3A35%200%200&fid=2BC2213A7A8F26FF-3EFC86993A201E4D&ce=UTF-8&ns=adobecorp&pageNa...
  • http://stats.adobe.com/b/ss/adbims,adbadobenonacdcprod/1/JS-1.2.3/s98148925503440?AQB=1&pccr=true&vidn=2CB0DE9185317A2B-40000120800060A9&&ndh=1&t=9%2F6%2F2017%205%3A20%3A35%200%200&fid=2BC2213A7A8F...

9 HTTP transactions

Each transaction is listed as: Resource | Path | Size | x-fer | Type (MIME-Type)

Primary Request: / | jeux2016.com/document/ | 270 KB | 102 KB | Document
General
Full URL
http://jeux2016.com/document/
Protocol
HTTP/1.1
Server
162.251.238.99 Las Vegas, United States, ASN53340 (FIBERHUB - VegasNAP, LLC, US),
Reverse DNS
a9-l102-r1-s2-h34.alphanine.com
Software
nginx /
Resource Hash
2362a1fbd500b5495532baa4eae314bd65f8923c8c04088372da5d6128c85de3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 09 Jul 2017 05:20:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Aug 2014 10:00:38 GMT
Server
nginx
ETag
W/"5e20aec-4372e-50134e8ba3d80"
Vary
Accept-Encoding
X-Nginx-Cache-Status
EXPIRED
Transfer-Encoding
chunked
X-Server-Powered-By
Engintron
Connection
keep-alive
Content-Type
text/html
X-XSS-Protection
1; mode=block
ath5djs.js | use.typekit.net/ | 17 KB | 7 KB | Script
General
Full URL
https://use.typekit.net/ath5djs.js
Requested by
Host: jeux2016.com
URL: http://jeux2016.com/document/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.94.15 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a92-123-94-15.deploy.akamaitechnologies.com
Software
nginx /
Resource Hash
8ee4f8dae7e1c8e39177eb3f3e1379b1d0b7d6b80f42e9f33faa0e72a02131d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
http://jeux2016.com/document/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200, 200 OK
date
Sun, 09 Jul 2017 05:20:34 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7033
gmail.jpg | jeux2016.com/document/images/ | 2 KB | 2 KB | Image
General
Full URL
http://jeux2016.com/document/images/gmail.jpg
Requested by
Host: jeux2016.com
URL: http://jeux2016.com/document/
Protocol
HTTP/1.1
Server
162.251.238.99 Las Vegas, United States, ASN53340 (FIBERHUB - VegasNAP, LLC, US),
Reverse DNS
a9-l102-r1-s2-h34.alphanine.com
Software
nginx /
Resource Hash
cd6dcc20c7fc1645a20cb212ba8b84d16212bf0bbfb3b0c987e1724479d54a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jeux2016.com/document/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
public
Date
Sun, 09 Jul 2017 05:20:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Aug 2014 09:28:06 GMT
Server
nginx
ETag
"5e20ae8-991-5013474611580"
X-Nginx-Cache-Status
REVALIDATED
Cache-Control
max-age=5184000
X-Server-Powered-By
Engintron
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2449
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Sep 2017 05:20:35 GMT
aol.jpg | jeux2016.com/document/images/ | 3 KB | 3 KB | Image
General
Full URL
http://jeux2016.com/document/images/aol.jpg
Requested by
Host: jeux2016.com
URL: http://jeux2016.com/document/
Protocol
HTTP/1.1
Server
162.251.238.99 Las Vegas, United States, ASN53340 (FIBERHUB - VegasNAP, LLC, US),
Reverse DNS
a9-l102-r1-s2-h34.alphanine.com
Software
nginx /
Resource Hash
47cf29d05e9b146e3794ad926ce64f4f642d4967e0053f53157808b3f159e841
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jeux2016.com/document/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
public
Date
Sun, 09 Jul 2017 05:20:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Aug 2014 09:28:00 GMT
Server
nginx
ETag
"5e20ae7-a33-5013474058800"
X-Nginx-Cache-Status
REVALIDATED
Cache-Control
max-age=5184000
X-Server-Powered-By
Engintron
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2611
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Sep 2017 05:20:35 GMT
hotmail.jpg | jeux2016.com/document/images/ | 2 KB | 2 KB | Image
General
Full URL
http://jeux2016.com/document/images/hotmail.jpg
Requested by
Host: jeux2016.com
URL: http://jeux2016.com/document/
Protocol
HTTP/1.1
Server
162.251.238.99 Las Vegas, United States, ASN53340 (FIBERHUB - VegasNAP, LLC, US),
Reverse DNS
a9-l102-r1-s2-h34.alphanine.com
Software
nginx /
Resource Hash
1b8927c63feb8c0735fcaa249daa141369af6ca8a3ca2f9ddae7aeed7ffd7b29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jeux2016.com/document/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
public
Date
Sun, 09 Jul 2017 05:20:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Aug 2014 09:28:12 GMT
Server
nginx
ETag
"5e20ae9-7a7-5013474bca300"
X-Nginx-Cache-Status
REVALIDATED
Cache-Control
max-age=5184000
X-Server-Powered-By
Engintron
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1959
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Sep 2017 05:20:35 GMT
yahoo.jpg | jeux2016.com/document/images/ | 2 KB | 2 KB | Image
General
Full URL
http://jeux2016.com/document/images/yahoo.jpg
Requested by
Host: jeux2016.com
URL: http://jeux2016.com/document/
Protocol
HTTP/1.1
Server
162.251.238.99 Las Vegas, United States, ASN53340 (FIBERHUB - VegasNAP, LLC, US),
Reverse DNS
a9-l102-r1-s2-h34.alphanine.com
Software
nginx /
Resource Hash
20e315a5caf1553cd05a8f0a02c290c97d2b3d3ea2e485411456529a26043dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jeux2016.com/document/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
public
Date
Sun, 09 Jul 2017 05:20:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Aug 2014 09:28:22 GMT
Server
nginx
ETag
"5e20aeb-85e-5013475553980"
X-Nginx-Cache-Status
REVALIDATED
Cache-Control
max-age=5184000
X-Server-Powered-By
Engintron
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2142
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Sep 2017 05:20:35 GMT
other.jpg | jeux2016.com/document/images/ | 2 KB | 2 KB | Image
General
Full URL
http://jeux2016.com/document/images/other.jpg
Requested by
Host: jeux2016.com
URL: http://jeux2016.com/document/
Protocol
HTTP/1.1
Server
162.251.238.99 Las Vegas, United States, ASN53340 (FIBERHUB - VegasNAP, LLC, US),
Reverse DNS
a9-l102-r1-s2-h34.alphanine.com
Software
nginx /
Resource Hash
3e543cce18b7844ac9dedf6e30d988dca45b543208a870f775c7fe16fd796a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jeux2016.com/document/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
public
Date
Sun, 09 Jul 2017 05:20:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 22 Aug 2014 09:28:16 GMT
Server
nginx
ETag
"5e20aea-69d-5013474f9ac00"
X-Nginx-Cache-Status
REVALIDATED
Cache-Control
max-age=5184000
X-Server-Powered-By
Engintron
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
1693
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Sep 2017 05:20:35 GMT
s98148925503440 | stats.adobe.com/b/ss/adbims,adbadobenonacdcprod/1/JS-1.2.3/ | 43 B | 43 B | Image
Redirect Chain
  • http://stats.adobe.com/b/ss/adbims,adbadobenonacdcprod/1/JS-1.2.3/s98148925503440?AQB=1&ndh=1&t=9%2F6%2F2017%205%3A20%3A35%200%200&fid=2BC2213A7A8F26FF-3EFC86993A201E4D&ce=UTF-8&ns=adobecorp&pageNa...
  • http://stats.adobe.com/b/ss/adbims,adbadobenonacdcprod/1/JS-1.2.3/s98148925503440?AQB=1&pccr=true&vidn=2CB0DE9185317A2B-40000120800060A9&&ndh=1&t=9%2F6%2F2017%205%3A20%3A35%200%200&fid=2BC2213A7A8F...
General
Full URL
http://stats.adobe.com/b/ss/adbims,adbadobenonacdcprod/1/JS-1.2.3/s98148925503440?AQB=1&pccr=true&vidn=2CB0DE9185317A2B-40000120800060A9&&ndh=1&t=9%2F6%2F2017%205%3A20%3A35%200%200&fid=2BC2213A7A8F26FF-3EFC86993A201E4D&ce=UTF-8&ns=adobecorp&pageName=Account%3AIMS%3AonLoad_SignInForm&g=http%3A%2F%2Fjeux2016.com%2Fdocument%2F&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AIMS%3AonLoad_SignInForm&v13=SignIn&c22=adobe.com&v30=adobedotcom2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: jeux2016.com
URL: http://jeux2016.com/document/
Protocol
HTTP/1.1
Server
66.235.148.129 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.d1.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Referer
http://jeux2016.com/document/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 09 Jul 2017 05:20:35 GMT
X-C
ms-5.3.0
P3P
CP="This is not a P3P policy"
Connection
Keep-Alive
Content-Length
43
Pragma
no-cache
Last-Modified
Mon, 10 Jul 2017 05:20:35 GMT
Server
Omniture DC/2.0.0
xserver
www246
ETag
"5961BD23-7FEE-5B2E2184"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Keep-Alive
timeout=15
Expires
Sat, 08 Jul 2017 05:20:35 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Jul 2017 05:20:35 GMT
Last-Modified
Mon, 10 Jul 2017 05:20:35 GMT
Server
Omniture DC/2.0.0
Access-Control-Allow-Origin
*
xserver
www204
X-C
ms-5.3.0
P3P
CP="This is not a P3P policy"
Location
http://stats.adobe.com/b/ss/adbims,adbadobenonacdcprod/1/JS-1.2.3/s98148925503440?AQB=1&pccr=true&vidn=2CB0DE9185317A2B-40000120800060A9&&ndh=1&t=9%2F6%2F2017%205%3A20%3A35%200%200&fid=2BC2213A7A8F26FF-3EFC86993A201E4D&ce=UTF-8&ns=adobecorp&pageName=Account%3AIMS%3AonLoad_SignInForm&g=http%3A%2F%2Fjeux2016.com%2Fdocument%2F&ch=IMS&c3=services.adobe.com&c4=en_US&c5=en_US%3AAccount%3AIMS%3AonLoad_SignInForm&v13=SignIn&c22=adobe.com&v30=adobedotcom2&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Connection
Keep-Alive
Content-Type
text/plain
Keep-Alive
timeout=15
Content-Length
0
Expires
Sat, 08 Jul 2017 05:20:35 GMT
truncated | / | 11 KB | 0 | Image
General
Full URL
data:truncated
Protocol
DATA
Server
-
Reverse DNS
-
Software
-
Resource Hash
ae75f31c2922a0c4ecfe6e5f74904a46d26e7695cdeb93383a029bfa841c7f29

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
squarespinner_2x.gif | jeux2016.com/renga-idprovider/resources/web_v2/img/ | 375 B | 0 | Image
General
Full URL
http://jeux2016.com/renga-idprovider/resources/web_v2/img/squarespinner_2x.gif
Requested by
Host: jeux2016.com
URL: http://jeux2016.com/document/
Protocol
HTTP/1.1
Server
162.251.238.99 Las Vegas, United States, ASN53340 (FIBERHUB - VegasNAP, LLC, US),
Reverse DNS
a9-l102-r1-s2-h34.alphanine.com
Software
nginx /
Resource Hash
4403546cef517cb464c7cfa43e4c6170e0e16e35a5879e3aff4bd1b3bd41a6ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://jeux2016.com/document/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sun, 09 Jul 2017 05:20:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online), Adobe (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path       Name    Value
.jeux2016.com/    s_cc    true
.jeux2016.com/    s_fid   2BC2213A7A8F26FF-3EFC86993A201E4D

1 Console Messages

Source        Level   URL
console-api   error   https://use.typekit.net/ath5djs.js (Line 33)
Message: Typekit: the domain "jeux2016.com" isn't in the list of published domains for kit "ath5djs".

Security Headers

This section lists the security headers set by the main page; urlscan.io links to a separate page explaining what these headers mean and how to use them.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block